I used to deploy my web apps on Ubuntu running on DigitalOcean, but recently I switched to using CoreOS instead of Ubuntu.

For a while I didn’t understand CoreOS: a Linux distro without a package manager? How do I install more software on this thing?

Now I am a convert. CoreOS is not a Linux distro for end users. It’s a distro for deploying applications packaged as docker containers.

The benefit of using CoreOS is that it needs less configuration than, e.g., Ubuntu.

I used to deploy multiple apps per server but for operational simplicity I moved to using one server per app. At $5 per server (my apps are written in Go, so they run comfortably on the smallest servers) it’s a reasonable cost.

Here’s my playbook for deploying an app on CoreOS. This example is how I deploy my blog.

The content of id_rsa.pub is what you give DigitalOcean as the ssh key when creating a server.

After the server is created, verify you can log in: ssh -i ./id_rsa core@<ip_address>.

2. Initial server setup

To make the scripts more re-usable, create ipaddr.sh:

# e.g. IPADDR=137.63.26.193
IPADDR=<ip address of the server>
# git likes to lose non-standard permissions. This is always called from
# scripts so it's a good place to ensure the right permissions on id_rsa
chmod 0600 id_rsa

For convenience I also write login.sh:

#!/bin/bash
. ./ipaddr.sh
ssh -i ./id_rsa core@${IPADDR}

Usually a kernel benefits from one or more tweaks. Some tweaks don’t persist
across reboots and have to be applied at startup. We’ll use systemd
to run a startup script that adjusts kernel parameters. We need several
files on the server:

startup.conf contains the settings. Default values for connection tracking are so
low that it’s easy for a malicious person to DoS your server just by opening
a small number of connections to your http server.

This is for the smallest server with 512 MB of RAM. Increase for larger servers.

startup_script.sh (/etc/systemd/system/startup_script.sh on the server):

This script makes the changes. Now we need to make sure it gets called at
startup.

startup.service (/etc/systemd/system/startup.service on the server):

# http://unix.stackexchange.com/questions/47695/how-to-write-startup-script-for-systemd
[Unit]
Description=things to do after each reboot
# just to be safe, run it after docker started
After=docker.service
Requires=docker.service
[Service]
Type=oneshot
# per https://www.digitalocean.com/community/tutorials/how-to-create-and-run-a-service-on-a-coreos-cluster
EnvironmentFile=/etc/environment
# '=-' means it can fail
ExecStart=-/etc/systemd/system/startup_script.sh
[Install]
WantedBy=multi-user.target

I have an initial-server-setup.sh script that automates putting those files on the
server and configuring systemd to notice them.
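
To confirm after a reboot that the connection-tracking limit from startup.conf took effect, and to see how close the table is to full, a check like the following can be run on the server. It is an added example, not one of the author's scripts; the function names and the 80% warning threshold are assumptions, and the sample counter values are constructed.

```bash
#!/bin/bash
# Added example: how full is the netfilter connection-tracking table?
# The /proc files are the standard Linux nf_conntrack counters. The function
# names and the 80% default threshold are assumptions, not taken from the post.

# conntrack_usage [DIR] prints "<count> <max> <percent>".
# DIR defaults to the live sysctl directory; pass another directory to test.
conntrack_usage() {
    local dir="${1:-/proc/sys/net/netfilter}" count max
    # The files are missing when the nf_conntrack module is not loaded.
    [ -r "$dir/nf_conntrack_count" ] && [ -r "$dir/nf_conntrack_max" ] || return 2
    count=$(cat "$dir/nf_conntrack_count")
    max=$(cat "$dir/nf_conntrack_max")
    # Refuse empty or non-numeric values and a zero limit.
    case "$count" in ''|*[!0-9]*) return 2 ;; esac
    case "$max" in ''|*[!0-9]*) return 2 ;; esac
    [ "$max" -gt 0 ] || return 2
    echo "$count $max $(( count * 100 / max ))"
}

# conntrack_check [DIR] [WARN_PERCENT]
# Returns 0 (ok), 1 (nearly full) or 2 (counters unreadable).
conntrack_check() {
    local warn="${2:-80}" usage
    usage=$(conntrack_usage "${1:-}") || {
        echo "conntrack: counters not readable" >&2
        return 2
    }
    set -- $usage   # $1=count $2=max $3=percent
    if [ "$3" -ge "$warn" ]; then
        echo "WARN conntrack table $3% full ($1/$2)"
        return 1
    fi
    echo "OK conntrack table $3% full ($1/$2)"
}

# Constructed sample (not real measurements): 58000 of 65536 entries in use.
sample=$(mktemp -d)
echo 58000 > "$sample/nf_conntrack_count"
echo 65536 > "$sample/nf_conntrack_max"
conntrack_check "$sample" || true   # prints the WARN line at 88%
rm -rf "$sample"
# On the server, call conntrack_check with no arguments to read the live table.
```

A WARN result under normal traffic means the limit is still too low for the server's load; a sudden jump toward the limit is worth checking against the web server's access logs.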